The secret utility is a
shell script that reads from stdin and encrypts
(−e) the data with the users default gpg(1)
public key. The encrypted data is output to the file
name in the directory SECRETDIR.

The data can be
decrypted (−d) to stdout using any part
of name as the argument. A list of files will be
displayed if there is more than one match.

See the
EXAMPLE section below for further information on how
this utility may be used.

−h

Show a summary
of the available flags and exit.

−d

Decrypt the
file that best matches name.

−e

Encrypt to the
file name and if necessary clear(1) the screen.

−l

List the files
matching name. A single asterisk (*) will list all
the files in SECRETDIR.

−v

Show the
current version number and exit.

ENVIRONMENT
SECRETDIR

The directory
where secret stores the encrypted files. The default
is $HOME/.secrets. This directory will be created if
it does not exist.

SECRETGPG

The path to the
gpg(1) or gpg2(1) executable. By default secret will
look for it in PATH.

SECRETRCP

The recipient
that gpg(1) will encrypt to. The default is to use the
gpg(1) option ‘--default-recipient-self’.

FILES
$HOME/.secrets

The default
directory for storing the encrypted files. This can be
changed with the SECRETDIR environment variable.

EXIT
STATUS

The secret utility
exits 0 on success, and >0 if an error
occurs.

The
secret utility tries to exit with the status of the
sub program that produced the error in question.

EXAMPLES

Encrypt ‘list.txt’
to the file named ‘enemies_list’:

secret -e
enemies_list <list.txt

Decrypt the file
matching ‘enemies’ and send the output to
‘revenge.txt’:

secret -d
enemies >revenge.txt

The data can
also be binary:

secret -e
picture.jpg <compromising.jpg

The data need
not be piped. Here follows an example that makes use of the
shells line editor:

Suppose we just
want to see how many ‘tulip’ related files we
have stored in SECRETDIR:

secret -l
tulip

SEE ALSO

clear(1), environ(7), gpg(1),
gpg2(1), sh(1)

secret:

http://yagrebu.net/secret/

GnuPG:https://www.gnupg.org/

AUTHORS

Mattias Wikstrom
<burke@yagrebu.net>

SECURITY
CONSIDERATIONS

Any automatic logging of shell
input obviously represents a great security risk. Also the
clearing of the screen after successful encryption should
not be relied upon for any real safety. To protect sensitive
data the console or terminal should be exited and any
scrollback buffers should be securely wiped.